March 2, 2016

Cyber Analytics Gets a Networking Twist

High-profile cyber attacks and massive data breaches have spawned a growing list of proposed defenses that increasingly rely on machine learning and other AI applications, along with analytics, to detect and stop attacks as they unfold. Emerging cyber analytics also strive to provide nervous enterprises with “behavioral intelligence” about anomalies via tools like network monitoring that might uncover increasingly worrisome insider attacks.

Among the emerging tools being provided by “professional services” vendors are new intelligence platforms designed to boost cyber defenses. The latest comes from Accenture (NYSE: ACN), which rolled out a “cyber intelligence platform” this week as part of its “managed security” portfolio. Accenture’s twist on cyber defenses is an intelligence platform that seeks to leverage a customer’s own “network telemetry data” to spot suspicious behavior rather than relying on traditional filters or pattern monitoring.

The cloud-based platform monitors network traffic and DNS data like IP addresses to spot suspicious behavior that might reveal an impending cyber attack.

Further, Accenture said its platform marries advances in big-data processor technology with its proprietary combination of artificial intelligence, machine learning and streaming analytics to help spot network-based cyber attacks as they unfold. The services provider further claims it can roll out the cyber intelligence platform within one week.

Once up and running, the platform learns to identify “normal” network traffic and can then be scaled to analyze and respond to security alerts.

Accenture said its platform also uses a custom version of Open Network Insight (ONI), an open source tool designed to monitor operational and security threats in datacenters. It also uses Cloudera’s enterprise data hub.

Separately this week, Cloudera Inc. announced an ONI partnership with four other cyber security vendors. Cloudera’s data hub serves as a secure data management and analytics platform built on Apache Hadoop.

Accenture claimed its ONI-based intelligence platform delivered a ten-fold increase in processing performance during benchmark testing.

If that claim holds up in enterprise deployments, the performance increase along with broader use of what is becoming cyber analytics could be leveraged to provide real-time detection of data breaches and other cyber attacks. In the cat-and-mouse game companies are being forced to play with hackers, “Attackers continue to evolve by leveraging data technology,” noted Vikram Desai, managing director for security at Accenture Analytics.

Different intelligence-gathering approaches have emerged to anticipate and counter cyber attacks, ranging from expanded automation via machine learning and other artificial intelligence tools to using intelligence analysts to monitor social media. Either way, industry analysts say, it’s better for all when threat data is shared across industries to build up cyber defenses and even take the offensive.

Hence, one of Accenture’s goals in leveraging a data hub approach along with an open source tool is to help track network traffic and DNS data to draw conclusions that can be shared with security experts. Think of it as a variation on the “network effect,” the economic theory whereby a service becomes more valuable when more people use it.


Datanami